使用SR替代LDP，配置ospf sham-link

使用SR替代LDP，配置ospf sham-link

1.本文所使用的软件均来自互联网，作者只为学习目的使用该软件，没有任何软件分发行为。

2.本文所展示的配置只适用于实验环境，不建议在生产环境使用完全相同的配置；由此导致的任何问题，作者不负任何责任。

实验拓扑

IP地址规划

设备型号及软件版本

目标

1. CSR1, CSR2和xrv配置 IS-IS协议作为底层IGP，在此基础上配置segment-routing。

2. CSR1和xrv作为PE设备，配置×××v4 BGP邻居，AS号64512。

3. CSR1和vIOS4配置单区域OSPFv2，进程ID 2019；xrv与vIOS5配置单区域OSPFv2，进程ID 2019；PE设备配置OSPFv2和MP-BGP双向重分布。

4. CSR1和xrv配置loopback 1接口，将该接口划分为客户VRF下，并在MP-BGP进程，客户VRF下宣告主机路由。

5. CSR1和xrv的OSPFv2配置sham-link

配置步骤

MPLS ×××基本配置步骤：

1.配置IGP，

2.配置MPLS（segment-routing），

3.配置MP-BGP，

4.配置VRF，

5.配置PE-CE路由协议，

6.PE 配置MP-BGP和VRF路由重分布。

IOS-XE和IOS-XR配置IGP(IS-IS)

设备接口IP地址配置（略）

XEv3

router isis igpis-type level-2-only !---配置ISIS为骨干区域 net 49.2019.0519.0001.00log-adjacency-changes !---记录邻接log信息metric-style wide !---使能isis宽度量exitinterface Loopback0ip router isis igpinterface GigabitEthernet1ip router isis igpisis circuit-type level-2-only !---修改链路为level-2isis network point-to-point !---修改ISIS网络类型

XRv4

router isis igpis-type level-2-onlynet 49.2019.0519.0003.00log adjacency changesaddress-family ipv4 unicastmetric-style wideinterface Loopback0address-family ipv4 unicastinterface GigabitEthernet0/0/0/0address-family ipv4 unicastcircuit-type level-2-onlypoint-to-pointcommit

2 验证IS-IS

CSR2#show ip route isis | b bn11.0.0.0/32 is subnetted, 1 subnetsi L2 11.1.1.1 [115/20] via 172.16.0.1, 1d00h, GigabitEthernet133.0.0.0/32 is subnetted, 1 subnetsi L2 33.1.1.1 [115/20] via 172.16.0.5,19:06:28, GigabitEthernet2 RP/0/0/CPU0:xrv#show route ipv4 isisi L2 11.1.1.1/32 [115/30] via 172.16.0.6, 19:11:15, GigabitEthernet0/0/0/2i L2 22.1.1.1/32 [115/20] via 172.16.0.6, 19:11:15, GigabitEthernet0/0/0/2i L2 172.16.0.0/30 [115/20] via 172.16.0.6, 19:11:15, GigabitEthernet0/0/0/2

3 配置MPLS(segment-routing)

XEv3 segment-routing mplsconnected-prefix-sid-mapaddress-family ipv411.1.1.1/32 index 1 range 1 exit-address-familyrouter isis igpsegment-routing mpls XRv4 segment-routingrouter isis igpaddress-family ipv4 unicastmetric-style widesegment-routing mpls interface Loopback0address-family ipv4 unicastprefix-sid index 33commit

4 验证MPLS

CSR1#show mpls forwarding-table Local Outgoing Prefix Bytes Label Outgoing Next Hop Label Label or Tunnel Id Switched interface 16 Pop Label 172.16.0.2-A 0 Gi1 172.16.0.2 21 Pop Label 11.1.1.2/32[V] 0 aggregate/ospf 16022 Pop Label 22.1.1.1/32 0 Gi1 172.16.0.2 16033 16033 33.1.1.1/32 0 Gi1 172.16.0.2 RP/0/0/CPU0:xrv#show mpls forwarding Local Outgoing Prefix Outgoing Next Hop Bytes Label Label or ID Interface Switched 16011 16011 SR Pfx (idx 11) Gi0/0/0/2 172.16.0.6 208166 16022 Pop SR Pfx (idx 22) Gi0/0/0/2 172.16.0.6 0 24006 Pop SR Adj (idx 1) Gi0/0/0/2 172.16.0.6 0 24007 Pop SR Adj (idx 3) Gi0/0/0/2 172.16.0.6 0

5 配置MP-BGP

CSR1 router bgp 64512bgp router-id 11.1.1.1no bgp default ipv4-unicastneighbor 33.1.1.1 remote-as 64512neighbor 33.1.1.1 update-source Loopback0address-family ***v4　neighbor 33.1.1.1 activate xrv router bgp 64512bgp router-id 33.1.1.1address-family v4 unicastneighbor 11.1.1.1　remote-as 64512　update-source Loopback0　address-family v4 unicastcommit 验证如下： CSR1#show bgp ***v4 unicast all sum | b ghNeighbor V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down State/PfxRcd33.1.1.1 4 64512 1254 1429 315 0 0 20:17:43 4 RP/0/0/CPU0:xrv#show bgp ***v4 unicast summary | b ghNeighbor Spk AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down St/PfxRcd11.1.1.1 0 64512 1890 1674 249 0 0 20:18:04 4

6 配置VRF and PE-CE routing protocol

6.1定义VRF

CSR1 vrf definition AAArd 64512:4address-family ipv4route-target export 64512:45route-target import 64512:45exit-address-family xrv vrf AAAaddress-family ipv4 unicastimport route-target64512:45export route-target64512:45

6.2 PE to CE Interface config

CSR1 interface GigabitEthernet2vrf forwarding AAAip address 14.1.1.1 255.255.255.252no shutdown xrv interface GigabitEthernet0/0/0/0vrf AAAipv4 address 35.1.1.1 255.255.255.252no shutdown

6.3 PE OSPFv2 config

CSR1 router ospf 2019 vrf AAArouter-id 14.1.1.1interface GigabitEthernet2ip ospf network point-to-pointip ospf 14 area 0 xrv router ospf 35address-family ipv4 unicastvrf AAArouter-id 35.1.1.1address-family ipv4 unicastarea 0interface GigabitEthernet0/0/0/0network point-to-point

6.4 CE OSPFv2 config

vIOS4 interface GigabitEthernet0/0ip address 14.1.1.2 255.255.255.252no shutdownip ospf 2019 area 0ip ospf network point-to-pointrouter ospf 2019 router-id 44.1.1.1 vIOS5 interface GigabitEthernet0/0ipv4 address 35.1.1.2 255.255.255.252no shutdownip ospf 2019 area 0ip ospf network point-to-pointrouter ospf 2019 router-id 55.1.1.1

6.5 PE OSPFv2 and MP-BGP redistribute

CSR1 router ospf 14 vrf AAAredistribute bgp 64512 metric-type 1 subnetsinterface GigabitEthernet2router bgp 64512address-family ipv4 vrf AAAredistribute ospf 14 match internal external 1 external 2 xrv router ospf 35vrf AAAredistribute bgp 64512 metric-type 1 router bgp 64512vrf AAArd 64512:5address-family ipv4 unicastredistribute ospf 35 match internal external

6.6 验证PE-CE OSPFv2配置

CSR1#show ip route vrf AAA ospf | b bn35.0.0.0/30 is subnetted, 1 subnetsO 35.1.1.0 [110/2] via 33.1.1.1, 00:00:3244.0.0.0/32 is subnetted, 1 subnetsO 44.1.1.1 [110/2] via 14.1.1.2, 00:00:34, GigabitEthernet245.0.0.0/29 is subnetted, 1 subnetsO IA 45.1.1.0 [110/20001] via 14.1.1.2, 00:00:34, GigabitEthernet2 vIOS4#sho ip route ospf | b bn35.0.0.0/30 is subnetted, 1 subnetsO E1 35.1.1.0 [110/2] via 14.1.1.1, 00:23:54, GigabitEthernet0/055.0.0.0/32 is subnetted, 1 subnetsO E1 55.1.1.1 [110/3] via 14.1.1.1, 00:23:54, GigabitEthernet0/0 vIOS4#ping 55.1.1.1 sour lo 0Type escape sequence to abort.Sending 5, 100-byte ICMP Echos to 55.1.1.1, timeout is 2 seconds:Packet sent with a source address of 44.1.1.1 !!!!!Success rate is 100 percent (5/5), round-trip min/avg/max = 11/15/33 msvIOS4#traceroute 55.1.1.1 sour lo 0Type escape sequence to abort.Tracing the route to 55.1.1.1VRF info: (vrf in name/id, vrf out name/id)1 14.1.1.1 8 msec 5 msec 3 msec2 172.16.0.2 [MPLS: Labels 16033/24003 Exp 0] 19 msec 25 msec 10 msec3 172.16.0.5 [MPLS: Label 24003 Exp 0] 13 msec 12 msec 8 msec4 35.1.1.2 12 msec 19 msec * vIOS4# CSR1#sho bgp *v4 uni all 44.1.1.1BGP routing table entry for 64512:4:44.1.1.1/32, version 383Paths: (1 available, best #1, table AAA)Advertised to update-groups:5 Refresh Epoch 1Local14.1.1.2 (via vrf ospf) from 0.0.0.0 (11.1.1.1)Origin incomplete, metric 2, localpref 100, weight 32768, valid, sourced, bestExtended Community: RT:64512:45 OSPF DOMAIN ID:0x0005:0x0000000E0200 OSPF RT:0.0.0.0:2:0 OSPF ROUTER ID:14.1.1.1:0mpls labels in/out 23/nolabelrx pathid: 0, tx pathid: 0x0!--- DOMAIN ID:0x0005:0x0000000E0200 16进制E=10进制14**（CSR1 ospfv2 进程ID）

6.7 修改/添加ospfv2 DOMAIN ID

IOS-XR默认不携带DOMAIN ID值 RP/0/0/CPU0:xrv#show bgp ***v4 uni vrf ospf 55.1.1.1/32 BGP routing table entry for 55.1.1.1/32, Route Distinguisher: 64512:5Versions:Process bRIB/RIB SendTblVerSpeaker 345 345Local Label: 24003Last Modified: May 22 02:21:42.463 for 06:05:44Paths: (1 available, best #1)Advertised to peers (in unique update groups):11.1.1.1 Path #1: Received by speaker 0Advertised to peers (in unique update groups):11.1.1.1 Local35.1.1.2 from 0.0.0.0 (33.1.1.1)Origin incomplete, metric 2, localpref 100, weight 32768, valid, redistributed, best, group-best, import-candidateReceived Path ID 0, Local Path ID 1, version 345Extended community: OSPF route-type:0:1:0x0 OSPF router-id:35.1.1.1 RT:64512:45 CSR1#show bgp ***v4 uni vrf AAA 55.1.1.1/32BGP routing table entry for 64512:4:55.1.1.1/32, version 417Paths: (1 available, best #1, table ospf, RIB-failure(17))Not advertised to any peerRefresh Epoch 1Local, imported path from 64512:5:55.1.1.1/32 (global)33.1.1.1 (metric 30) (via default) from 33.1.1.1 (33.1.1.1)Origin incomplete, metric 2, localpref 100, valid, internal, bestExtended Community: RT:64512:45 OSPF RT:0.0.0.0:1:0 OSPF ROUTER ID:35.1.1.1:0mpls labels in/out nolabel/24003rx pathid: 0, tx pathid: 0x0 在IOS-XR设备添加DOMAIN ID RP/0/0/CPU0:xrv#confRP/0/0/CPU0:xrv(config)#router ospf 35RP/0/0/CPU0:xrv(config-ospf)#vrf AAARP/0/0/CPU0:xrv(config-ospf-vrf)#domain-id type 0005 value 000000230200RP/0/0/CPU0:xrv(config-ospf-vrf)#commit!--- 23(hex)=35(dec)RP/0/0/CPU0:xrv(config-ospf-vrf)#do show bgp ***v4 uni vrf ospf 55.1.1.1/32 | in communityWed May 22 09:38:03.422 UTCExtended community: OSPF domain-id:0x5:0x000000230200 OSPF route-type:0:1:0x0 OSPF router-id:35.1.1.1 RT:64512:45 CSR1#show bgp ***v4 uni vrf ospf 55.1.1.1/32 | i unityExtended Community: RT:64512:45 OSPF DOMAIN ID:0x0005:0x000000230200

6.8 配置CE之间的backdoor link

vIOS5 interface GigabitEthernet0/1ip address 45.1.1.5 255.255.255.248ip ospf network point-to-pointip ospf 2019 area 45ip ospf cost 20000!---模拟×××链路故障，在vIOS5上手工shutdown链路vIOS5(config-if)#int g0/0vIOS5(config-if)#shuMay 20 10:17:09.190: %OSPF-5-ADJCHG: Process 2019, Nbr 35.1.1.1 on GigabitEthernet0/0 from FULL to DOWN, Neighbor Down: Interface down or detachedMay 20 10:17:11.136: %LINK-5-CHANGED: Interface GigabitEthernet0/0, changed state to administratively downMay 20 10:17:12.137: %LINEPROTO-5-UPDOWN: Line protocol on Interface GigabitEthernet0/0, changed state to downvIOS5(config-if)#vIOS5(config-if)#do sho ip route ospf | b bn14.0.0.0/30 is subnetted, 1 subnetsO IA 14.1.1.0 [110/20001] via 45.1.1.4, 00:00:33, GigabitEthernet0/135.0.0.0/30 is subnetted, 1 subnetsO 35.1.1.0 [110/20003] via 45.1.1.4, 00:00:33, GigabitEthernet0/144.0.0.0/32 is subnetted, 1 subnetsO IA 44.1.1.1 [110/20001] via 45.1.1.4, 00:00:33, GigabitEthernet0/1vIOS5(config-if)#!---在vIOS4上查看ospf路由vIOS4#sho ip route ospf | b bn35.0.0.0/30 is subnetted, 1 subnetsO IA 35.1.1.0 [110/3] via 14.1.1.1, 00:09:31, GigabitEthernet0/055.0.0.0/32 is subnetted, 1 subnetsO IA 55.1.1.1 [110/4] via 14.1.1.1, 00:09:31, GigabitEthernet0/0vIOS4#sho ip route ospf | b bn35.0.0.0/30 is subnetted, 1 subnetsO IA 35.1.1.0 [110/3] via 14.1.1.1, 00:11:41, GigabitEthernet0/055.0.0.0/32 is subnetted, 1 subnetsO IA 55.1.1.1 [110/20001] via 45.1.1.5, 00:00:05, GigabitEthernet0/1!---恢复链路vIOS5(config-if)#no shuMay 20 10:18:48.972: %LINK-3-UPDOWN: Interface GigabitEthernet0/0, changed state to upMay 20 10:18:49.971: %LINEPROTO-5-UPDOWN: Line protocol on Interface GigabitEthernet0/0, changed state to upMay 20 10:19:04.220: %OSPF-5-ADJCHG: Process 2019, Nbr 35.1.1.1 on GigabitEthernet0/0 from LOADING to FULL, Loading Done vIOS4#sho ip route ospf | b bn35.0.0.0/30 is subnetted, 1 subnetsO IA 35.1.1.0 [110/3] via 14.1.1.1, 00:14:48, GigabitEthernet0/055.0.0.0/32 is subnetted, 1 subnetsO IA 55.1.1.1 [110/4] via 14.1.1.1, 00:01:18, GigabitEthernet0/0

6.9 配置OSPFv2 sham-link

6.9.1 Config loopback 1 and propaganda into BGP VRF address-family IPv4

CSR1 interface Loopback1vrf forwarding ospfipv4 address 11.1.1.2 255.255.255.255router bgp 64512address-family ipv4 vrf AAAnetwork 11.1.1.2 mask 255.255.255.255

xrv interface Loopback1vrf AAA ipv4 address 33.1.1.2 255.255.255.255router bgp 64512vrf AAAaddress-family ipv4 unicastnetwork 33.1.1.2/32

6.9.2 Under OSPFv2 process config sham-link

CSR1 router ospf 14 vrf AAAarea 0 sham-link 11.1.1.2 33.1.1.2 cost 200 xrv router ospf 35vrf AAAaddress-family ipv4 unicastarea 0sham-link 33.1.1.2 11.1.1.2cost 200

6.10 验证sham-ink

CSR1(config-router)#area 0 sham-link 11.1.1.2 33.1.1.2 cost 200CSR1(config-router)#do sho ip ospf neig*May 22 08:45:02.593: %OSPF-5-ADJCHG: Process 14, Nbr 35.1.1.1 on OSPF_SL3 from LOADING to FULL, Loading DoneNeighbor ID Pri State Dead Time Address Interface35.1.1.1 0 FULL/ - 00:00:37 33.1.1.2 OSPF_SL344.1.1.1 0 FULL/ - 00:00:34 14.1.1.2 GigabitEthernet2 CSR1#show ip route vrf AAA ospf | b bn35.0.0.0/30 is subnetted, 1 subnetsO 35.1.1.0 [110/201] via 33.1.1.1, 01:04:1344.0.0.0/32 is subnetted, 1 subnetsO 44.1.1.1 [110/2] via 14.1.1.2, 01:05:46, GigabitEthernet245.0.0.0/29 is subnetted, 1 subnetsO IA 45.1.1.0 [110/20001] via 14.1.1.2, 01:05:46, GigabitEthernet255.0.0.0/32 is subnetted, 1 subnetsO 55.1.1.1 [110/202] via 33.1.1.1, 01:04:13vIOS4#sho ip route ospf | b bn11.0.0.0/32 is subnetted, 1 subnetsO E1 11.1.1.2 [110/2] via 14.1.1.1, 01:06:20, GigabitEthernet0/033.0.0.0/32 is subnetted, 1 subnetsO E1 33.1.1.2 [110/2] via 14.1.1.1, 01:06:20, GigabitEthernet0/035.0.0.0/30 is subnetted, 1 subnetsO 35.1.1.0 [110/202] via 14.1.1.1, 01:04:42, GigabitEthernet0/055.0.0.0/32 is subnetted, 1 subnetsO 55.1.1.1 [110/203] via 14.1.1.1, 01:04:42, GigabitEthernet0/0

6.11 隐藏sham-link地址

CSR1: ip prefix-list conn seq 5 permit 11.1.1.2/32ip prefix-list conn seq 10 permit 33.1.1.2/32route-map deny-conn deny 10 match ip address prefix-list connroute-map deny-conn permit 20CSR1(config-router-af)#router ospf 14 vrf ospfCSR1(config-router)#redis bgp 64512 subnets route-map deny-conn xrv: prefix-set conn11.1.1.2/32,33.1.1.2/32end-set route-policy deny-connif destination in conn thendropelsepassendifend-policy RP/0/0/CPU0:xrv(config)#router ospf 35RP/0/0/CPU0:xrv(config-ospf)#vrf ospfRP/0/0/CPU0:xrv(config-ospf-vrf)#redist bgp 64512 route-policy deny-connRP/0/0/CPU0:xrv(config-ospf-vrf)#commit vIOS5#sho ip route ospf | b bn14.0.0.0/30 is subnetted, 1 subnetsO 14.1.1.0 [110/202] via 35.1.1.1, 00:07:05, GigabitEthernet0/044.0.0.0/32 is subnetted, 1 subnetsO 44.1.1.1 [110/203] via 35.1.1.1, 00:07:05, GigabitEthernet0/0CE设备看不到sham-link地址

版权声明：本文内容由网络用户投稿，版权归原作者所有，本站不拥有其著作权，亦不承担相应法律责任。如果您发现本站中有涉嫌抄袭或描述失实的内容，请联系我们jiasou666@gmail.com 处理，核实后本网站将在24小时内删除侵权内容。